CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-0409 – Xorg-x11-server: selinux context corruption
https://notcve.org/view.php?id=CVE-2024-0409
17 Jan 2024 — A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. Se encontró una falla en el servidor X.Org. El código del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creación. • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2023-5455 – Ipa: invalid csrf protection
https://notcve.org/view.php?id=CVE-2023-5455
10 Jan 2024 — A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing alrea... • https://access.redhat.com/errata/RHSA-2024:0137 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6228 – Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c
https://notcve.org/view.php?id=CVE-2023-6228
18 Dec 2023 — An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. Se encontró un problema en la utilidad tiffcp distribuida por el paquete libtiff donde un archivo TIFF manipulado durante el procesamiento puede provocar un desbordamiento de búfer de almacenamiento dinámico y provocar un bloqueo de la aplicación. USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the correspo... • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2023-6134 – Keycloak: reflected xss via wildcard in oidc redirect_uri
https://notcve.org/view.php?id=CVE-2023-6134
14 Dec 2023 — A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. Se encontró una falla en Keycloak que impide ciertos esquemas en las redirecciones, pero los permite si se agrega un comodín al token. Este problema podría permitir que un atacante envíe... • https://access.redhat.com/errata/RHSA-2023:7854 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.7EPSS: 0%CPEs: 15EXPL: 1CVE-2023-6563 – Keycloak: offline session token dos
https://notcve.org/view.php?id=CVE-2023-6563
14 Dec 2023 — An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system. Se descubrió una vulnerab... • https://access.redhat.com/errata/RHSA-2023:7854 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 32%CPEs: 17EXPL: 0CVE-2023-6377 – Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
https://notcve.org/view.php?id=CVE-2023-6377
13 Dec 2023 — A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. Se encontró una falla en xorg-server. Consultar o cambiar las acciones de los botones XKB, como pasar de un panel táctil a un mouse, puede provocar lecturas y escrituras de memoria fuera de los límites. • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
13 Dec 2023 — A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. Se encontró una falla en xorg-server. Una solicitud especialmente manipulada a RRChangeProviderProperty o RRChangeOutputProperty puede desencadenar un desbordamiento de enteros que puede provocar la divulgación de información confidencial. This vulnerability allows local attackers to disclose sensitive info... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-6277 – Libtiff: out-of-memory in tiffopen via a craft file
https://notcve.org/view.php?id=CVE-2023-6277
24 Nov 2023 — An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. Se encontró un error de falta de memoria en libtiff. Pasar un archivo tiff manipulado a la API TIFFOpen() puede permitir que un atacante remoto provoque una denegación de servicio a través de una entrada artesanal con un tamaño inferior a 379 KB. USN-6644-1 fixed vulnerabilities in LibTIFF. • https://access.redhat.com/security/cve/CVE-2023-6277 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-6121 – Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get
https://notcve.org/view.php?id=CVE-2023-6121
16 Nov 2023 — An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg). Se encontró una vulnerabilidad de lectura fuera de los límites en el subsistema NVMe-oF/TCP del kernel de Linux. Esta falla permite que un atacante remoto envíe un paquete TCP manipulado, lo que desencadena... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2023-5824 – Squid: dos against http and https
https://notcve.org/view.php?id=CVE-2023-5824
03 Nov 2023 — Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug. Squid es vulnerable a ataques de Denegación de Servicio contra clientes HTTP y HTTPS debido a un error en el manejo inadecuado de elementos estructurales. A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or... • https://access.redhat.com/errata/RHSA-2023:7465 • CWE-755: Improper Handling of Exceptional Conditions •